From 5f12090fd7ee5e062620ef706f36bdd2a2e53896 Mon Sep 17 00:00:00 2001 From: Patrick Cloke Date: Tue, 10 Oct 2023 11:38:56 -0400 Subject: [PATCH] Add CVE number for advisory GHSA-5chr-wjw5-3gq4. --- CHANGES.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index 0ee3970e2b..6f42ebba93 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -7,7 +7,7 @@ However, please take note of the security advisory that follows. The following issue is fixed in 1.94.0 (and RC). -- [GHSA-5chr-wjw5-3gq4](https://github.com/matrix-org/synapse/security/advisories/GHSA-5chr-wjw5-3gq4) — Moderate Severity +- [GHSA-5chr-wjw5-3gq4](https://github.com/matrix-org/synapse/security/advisories/GHSA-5chr-wjw5-3gq4) / [CVE-2023-45129](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45129) — Moderate Severity A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service.